Detection Engineer
| Field | Value |
|---|---|
| Company | Deepwatch |
| Location | Washington, DC, USA |
| Salary | $106000 – $150000 |
| Type | Full-Time |
| Degrees | |
| Experience Level | Mid Level |
Requirements
- Cybersecurity experience in a technical role or experience working in a SOC/MDR/MSSP
- The ability to engineer creative, scalable, and out-of-the-box solutions
- The ability to stay up to date with engineering best practices, security technology trends, tools, and frameworks
- The ability to investigate and create security rules in at least one SIEM (Splunk required; Sentinel or Chronicle a plus)
- An understanding of common enterprise technologies and logging capabilities including Cloud, IDS/IPS, Firewalls, Active Directory, Anti-Virus/EDR, Proxies, and Email Gateway
- Knowledge of various attack frameworks such as MITRE ATT&CK and general adversarial / defensive security techniques (e.g. the Cyber Kill Chain, and NIST)
- The ability to communicate and document technical information effectively for various audiences
Responsibilities
- Evaluate current monitoring and detection capabilities to identify areas for improvement
- Manage detection capabilities to ensure appropriate coverage, effective operation, and adherence to Deepwatch standards
- Perform detection assessments, including content roadmap, for small-to-medium size customers
- Ensure ingested log sources conform to CIM standards
Preferred Qualifications
- Experience with Sentinel or Chronicle SIEM tools is a plus